Uplandustries/WebConsole-Client-v2.4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added check for whitelisted/blacklisted commands.

Browse Source
This commit is contained in:
awesomemoder316 2021-08-17 19:33:09 -07:00
parent 378d96c504
commit e846ad6441
1 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/es/mesacarlos/webconsole/websocket/command/ExecCommand.java
View File

@ -2,6 +2,8 @@ package es.mesacarlos.webconsole.websocket.command;
import java.util.concurrent.ExecutionException; import java.util.concurrent.ExecutionException;
import es.mesacarlos.webconsole.config.ConfigManager;
import es.mesacarlos.webconsole.config.UserData;
import org.bukkit.Bukkit; import org.bukkit.Bukkit;
import org.bukkit.command.ConsoleCommandSender; import org.bukkit.command.ConsoleCommandSender;
import org.java_websocket.WebSocket; import org.java_websocket.WebSocket;
@ -14,13 +16,45 @@ import es.mesacarlos.webconsole.util.Internationalization;
import es.mesacarlos.webconsole.websocket.WSServer; import es.mesacarlos.webconsole.websocket.WSServer;
public class ExecCommand implements WSCommand { public class ExecCommand implements WSCommand {
LoginManager loginManager = LoginManager.getInstance();
@Override @Override
public void execute(WSServer wsServer, WebSocket conn, String command) { public void execute(WSServer wsServer, WebSocket conn, String command) {
ConnectedUser u = LoginManager.getInstance().getUser(conn.getRemoteSocketAddress()); ConnectedUser u = LoginManager.getInstance().getUser(conn.getRemoteSocketAddress());
if(u == null || u.getUserType() != UserType.ADMIN) { if(u == null || u.getUserType() != UserType.ADMIN) {
if(u != null) if(u != null)
Bukkit.getLogger().warning(Internationalization.getPhrase("viewer-error-console", u, command)); Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
return;
}
boolean allowCommand = false;
for(UserData ud : ConfigManager.getInstance().getAllUsers()) {
if (ud.getUsername().equals(loginManager.getUser(conn.getRemoteSocketAddress()).getUsername())) {
if (!ud.isWhitelistEnabled()) { //Skip whitelist check.
allowCommand = true;
break;
}
for (String whitelistedCommand : ud.getWhitelistedCommands()) {
if (command.toLowerCase().startsWith(whitelistedCommand)) {
if (!ud.isWhitelistActsAsBlacklist()) allowCommand = true; //cmd is whitelisted.
break;
}
}
if (!allowCommand //Check if was detected by whitelist
&& ud.isWhitelistActsAsBlacklist()) allowCommand = true; //cmd is not blacklisted.
break;
}
}
if (!allowCommand) {
Bukkit.getLogger().warning(Internationalization.getPhrase("no-send-permission-console", u, command));
return; return;
} }